Imperva's Crystal Ball: Finally, Security for Security's Sake

Security trends for consumers to watch in 2012 include a rise in the frequency and sophistication of DDoS attacks, an assault on the HTML 5 standard, and the automation of social media incursions, according to security service provider Imperva.

The top trend Imperva predicts to take root next year is a shift from compliance-driven security decision-making by companies towards the implementation of security measures for their own sake.

"In the past, security decisions were usually driven by compliance," Imperva said in a statement Tuesday. "However, in 2012 we expect to see security decisions driven by security. The past influx of laws and regulations which drove the budget and security solutions, such as PCI or SOX, was used to feed the security budget. With the cost of a breach rising, industrialized hacking impacting many organizations, and the need to protect intellectual property, we expect to see more companies making cyber security decisions based on security."

Imperva expects Distributed Denial of Service (DDoS) attacks like those carried out in the past few years by anonymous hackers to take down websites to remain popular and to get more sophisticated, "shifting from network level attacks to application level attacks, and even business logic level attacks."

The SSL protocol used to secure Web communications will also continue to come under fire, according to the security firm, which expects such attacks to "reach a tipping point in 2012," prompting "a serious discussion about real alternatives for secure Web communications."

The HTML 5 standard is a boon to Web developers looking to build a more dynamic user experience without needing to rely on third-party tools like Flash and Java. But Imperva predicts the growth of HTML 5 will also encourage hackers to try to exploit its vulnerabilities and use Web browsers to install malware on victims' computers.

"Hacking, by nature, is a discipline that relies on innovation," said Imperva CTO Amichai Shulman. The security firm believes that in addition to creating new attack vectors through DDoS, SSL, and HTML 5, hackers in 2012 will continue to use SQL exploits in new and clever ways, while also automating social media attacks to take advantage of the growing use of social media tools in business settings.

Imperva also listed three more big security concerns for businesses in the year ahead: internal collaboration suites that are made vulnerable when used externally, the security vulnerabilities in "Big Data" stores, and access points in enterprise security that have been exposed via the consumerization of IT in recent years.

Damon Poeter got his start in journalism working for the English-language daily newspaper The Nation in Bangkok, Thailand. He covered everything from local news to sports and entertainment before settling on technology in the mid-2000s. Prior to joining PCMag, Damon worked at CRN and the Gilroy Dispatch. He has also written for the San Francisco Chronicle and Japan Times, among other newspapers and periodicals.